top of page

CLEARSPACE LEARNING - PRIVACY POLICY

Last Updated: 17/11/25

 

1. INTRODUCTION

Clearspace Learning Ltd ("we", "us", "our") is committed to protecting your privacy and the privacy of the children and young people we work with. This Privacy Policy explains how we collect, use, store, and protect your personal information.

We are the data controller for the personal information we hold about you and the young people we support.

 

2. WHAT INFORMATION WE COLLECT

We collect and process the following types of personal information:

2.1 From Parents/Guardians:

  • Name and contact details (email, phone number, postal address)

  • Relationship to the young person

  • Payment and billing information

  • Communication preferences

  • Any information you provide in enquiry forms or correspondence

2.2 From/About Young People:

  • Name, age, and date of birth

  • Educational background and current school status

  • Special educational needs and disabilities (SEND) information

  • Learning preferences, interests, and strengths

  • Educational progress and assessment records

  • Attendance records

  • Behavioral observations (where relevant for educational support)

  • Emergency contact information

2.3 From Schools/Local Authorities:

  • Education, Health and Care Plans (EHCPs)

  • Previous educational records

  • Reports from educational psychologists or other professionals

  • Attendance and safeguarding information (where relevant)

2.4 From Website Visitors:

  • IP addresses and location data

  • Browser type and device information

  • Pages visited and time spent on site

  • Referring website

  • Cookies and similar tracking technologies (see Section 10)

 

3. LEGAL BASIS FOR PROCESSING

We process personal data under the following lawful bases under UK GDPR:

3.1 Contract Performance

Processing necessary to provide our educational services as agreed with you.

3.2 Legitimate Interests

  • Improving our services

  • Responding to enquiries

  • Marketing (where we have a legitimate interest and your rights don't override)

  • Website analytics

3.3 Legal Obligation

  • Safeguarding responsibilities

  • Compliance with educational regulations

  • Health and safety requirements

  • Tax and accounting obligations

3.4 Consent

  • Marketing communications (where we don't have another lawful basis)

  • Use of photographs or videos for marketing

  • Non-essential cookies

3.5 Special Category Data (Sensitive Personal Data)

Information about health, disabilities, and special educational needs is considered "special category" data. We process this under:

  • Explicit consent from parents/guardians

  • Substantial public interest (safeguarding and child protection)

  • Health or social care purposes (educational support)

 

4. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

4.1 Service Delivery:

  • Providing tutoring, mentoring, and educational support

  • Designing personalized learning programs

  • Assessing progress and preparing reports

  • Communicating with parents/guardians about progress

  • Managing bookings and scheduling

  • Processing payments

4.2 Safeguarding:

  • Ensuring the safety and welfare of young people

  • Maintaining safeguarding records

  • Reporting concerns to appropriate authorities when necessary

4.3 Legal and Regulatory Compliance:

  • Meeting our obligations under education and safeguarding law

  • Maintaining accurate records for inspections

  • Complying with local authority requirements

  • Tax and accounting purposes

4.4 Communication:

  • Responding to enquiries

  • Sending service updates and important information

  • Providing newsletters and educational resources (with consent)

4.5 Improvement and Development:

  • Analyzing service effectiveness

  • Improving our programs and methods

  • Staff training and quality assurance

4.6 Marketing:

  • Promoting our services (only with appropriate consent)

  • Case studies and testimonials (always anonymized or with explicit consent)

 

5. HOW WE SHARE YOUR INFORMATION

We may share your information with:

5.1 Third-Party Service Providers:

  • Payment processors (e.g., Stripe, PayPal) - for secure payment processing

  • Email service providers (e.g., MailChimp, Google Workspace) - for communications

  • Website hosting providers (e.g., Wix) - for website functionality

  • Cloud storage providers (e.g., Google Drive, Dropbox) - for secure document storage

  • Booking/scheduling systems - for appointment management

All third-party providers are carefully selected and required to protect your data in accordance with UK GDPR.

5.2 Educational and Regulatory Bodies:

  • Local authorities - for EOTAS provision and reporting

  • Schools - with parental consent, for coordination of support

  • Educational psychologists and other professionals - where necessary for educational support

  • Ofsted or regulatory bodies - during inspections

5.3 Legal Requirements:

  • Police and safeguarding authorities - where we have safeguarding concerns

  • Legal advisors - for legal compliance

  • HMRC and accountants - for tax and financial compliance

5.4 With Your Consent:

  • Any other sharing will only occur with your explicit consent

We will NEVER:

  • Sell your personal information to third parties

  • Share your information for marketing purposes without consent

  • Share children's information unnecessarily

 

6. CHILDREN'S PRIVACY

We take children's privacy extremely seriously:

6.1 Parental Consent:

  • We obtain explicit consent from parents/guardians before processing children's personal data

  • Parents/guardians can exercise rights on behalf of their children

6.2 Age-Appropriate Communication:

  • We explain our services and data processing to young people in age-appropriate language

  • We respect young people's developing autonomy while prioritizing their safety

6.3 Safeguarding:

  • We may override parental consent if we have safeguarding concerns

  • We follow statutory guidance on information sharing for child protection

6.4 Photographs and Videos:

  • We obtain separate, explicit consent before using any photographs or videos of young people

  • Parents/guardians can withdraw consent at any time

 

7. DATA SECURITY

We implement appropriate technical and organizational measures to protect your data:

7.1 Technical Measures:

  • Encrypted data transmission (SSL/TLS)

  • Secure cloud storage with encryption at rest

  • Password-protected systems with strong authentication

  • Regular security updates and patches

  • Secure backup procedures

7.2 Organizational Measures:

  • Staff training on data protection

  • Access controls (staff only access data they need)

  • Confidentiality agreements with staff

  • Regular security reviews

  • Incident response procedures

7.3 Physical Security:

  • Secure storage of physical records

  • Locked filing cabinets and offices

  • Controlled access to premises

 

8. DATA RETENTION

We retain personal data only as long as necessary:

8.1 Active Students:

  • Educational records: Duration of service + 3 years

  • Assessment and progress reports: Duration of service + 3 years

  • Communication records: Duration of service + 1 year

8.2 Former Students:

  • Core educational records: 3 years after service ends (or until age 25, whichever is longer)

  • Safeguarding records: As per statutory guidance (may be indefinite)

  • Financial records: 7 years (HMRC requirement)

8.3 Enquiries (Non-Clients):

  • Enquiry forms and correspondence: 2 years

  • Marketing consent records: Until consent is withdrawn or 3 years of inactivity

8.4 Website Analytics:

  • Cookie data: 26 months (Google Analytics default)

  • IP addresses: Anonymized after 14 months

After retention periods expire, we securely delete or anonymize data.

 

9. YOUR RIGHTS UNDER UK GDPR

You have the following rights regarding your personal data:

9.1 Right to Access

You can request a copy of the personal data we hold about you (Subject Access Request).

9.2 Right to Rectification

You can ask us to correct inaccurate or incomplete data.

9.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your data in certain circumstances (e.g., when no longer necessary, consent withdrawn).

Note: We may need to retain some data for legal obligations (e.g., safeguarding records, financial records).

9.4 Right to Restrict Processing

You can ask us to limit how we use your data in certain circumstances.

9.5 Right to Data Portability

You can request your data in a commonly used, machine-readable format.

9.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

9.7 Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling.

9.8 Right to Withdraw Consent

Where we rely on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at: [your email]

Response Time: We will respond within 30 days.

 

10. COOKIES AND TRACKING

Our website uses cookies and similar technologies:

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website.

10.2 Types of Cookies We Use:

Essential Cookies:

  • Required for website functionality

  • Cannot be disabled

  • Examples: Session management, security

Analytics Cookies:

  • Help us understand how visitors use our site

  • Used to improve user experience

  • Example: Google Analytics

Marketing Cookies:

  • Track visitors across websites

  • Used for targeted advertising (if applicable)

  • Require consent

10.3 Managing Cookies:

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

For more details, see our separate Cookie Policy.

 

11. THIRD-PARTY LINKS

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these sites. Please review their privacy policies separately.

 

12. INTERNATIONAL TRANSFERS

We primarily store data within the UK. If we transfer data outside the UK, we ensure:

  • Adequate protections are in place (e.g., EU adequacy decisions, standard contractual clauses)

  • You are informed of such transfers

Current third-party services that may involve international transfers:

  • Google Workspace - USA (adequacy framework in place)

  • [Other services] - [Location and safeguards]

 

13. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

Significant changes: We will notify you by email or prominent notice on our website.

Your continued use of our services after changes indicates acceptance of the updated policy.

 

14. COMPLAINTS

If you have concerns about how we handle your data:

Step 1: Contact us at [your email]

Step 2: If unsatisfied, you can complain to the UK supervisory authority:

Information Commissioner's Office (ICO)

 

15. CONTACT US

For any questions about this Privacy Policy or how we handle your data:

Clearspace Learning Ltd

info@clearspacelearning.com

16. SAFEGUARDING NOTICE

Important: While we respect your privacy rights, we have a legal duty to safeguard children. If we have concerns about a child's welfare, we may need to share information with appropriate authorities (police, social services, local authority designated officers) without your consent.

This is in accordance with:

  • Children Act 1989 and 2004

  • Working Together to Safeguard Children (2018)

  • Data Protection Act 2018 (Safeguarding of Children and Individuals at Risk)

bottom of page